Sometimes an error appears at the bottom right of the screen when you try to create a detector, open Security Analytics, or click any other link within Security Analytics.
For example, in the screenshot below:
To fix that:
Option 1:
- Go to Index Management > Indexes
- Search for the index .opensearch-sap-log-types-config
- Delete it.
An example is in the screenshot below:
- Go to Security Analytics > Threat detectors > Log types
Now you can see the list of log types.
If you don’t find the index .opensearch-sap-log-types-config:
Option 2:
- Go to Dev Tools
- Use this command:
GET .opensearch-sap-log-types-config
You will see:
- Use this command:
DELETE .opensearch-sap-log-types-config
Now everything works fine, and you can create a new detector.
The post OpenSearch: How to Fix Security Analytics Error When You Try to Create a New Detector appeared first on SOC Prime.